Paul, thank you for your answer!
Paul Bijnens schrieb:
>
> On 2007-11-02 14:45, Philipp Geschke wrote:
>>
>> I want to set up amanda in an unsecure multiuser environment.
>> I want every user (maschine) to have access to their own backup only.
>> But what happens right now is, as soon as a host is authenticated, it
>> needs only to know the configurations name and the name of the host he
>> wants the backup from, and it can access what ever it wants using the
>> sethost command in amrecover (eg. amrecover -C test >> sethost
>> test.testdomain.local).
>>
>> So, basically my question comes down to this:
>> Does amanda support something like an acl to limit one host to one
>> backup instead of opening all backups to any host that is allowed to
>> connect to the index and tapeserver?
>
>
> What I would do is to edit the .amandahost on the server
> and do not allow any host to restore anything. And when someone needs
> to restore something, then temporarily add an entry for that host.
> And tell the user that you will monitor his restore actions (you
> can find those in the amanda-debug dir on the server).
> When finished, disallow access again, by editing the .amandahosts
> file on the server.
>
> Not perfect, but you wouldn't expect to automate security in a
> non-secure environment, do you?
>
>
Nah, I wouldn't. I was just wondering if there's really no kind of
security for the backups as soon as your host is generally allowed to
connect to amindexd and amidxtaped, because I see the need also for a
secure environment.
I can't see a company with a closed private network want the small post
office guy to restore the CEO's /home backup on his machine.
Your suggestions is an option that's worth considering, as a couple
others are that I came up with already, but unfortunately I'm kinda
looking for the 100 percent solution.
Cheers,
Philipp
|